1.
Refer to the exhibit. Communication between two peers has failed. Based on the output that is shown, what is the most likely cause?
Correct Answer
D. PPP negotiation failure
Explanation
Based on the given exhibit, the most likely cause for the communication failure is PPP negotiation failure. This can be inferred from the output shown, which indicates that the LCP (Link Control Protocol) negotiation has failed. LCP is responsible for establishing and configuring the PPP link between two peers, so a failure in this negotiation process would result in communication issues. The other options, such as interface reset, unplugged cable, or improper LMI type, are not supported by the given information.
2.
Refer to the exhibit. A network administrator is tasked with completing the Frame Relay topology that interconnects two remote sites. How should the point-to-point subinterfaces be configured on HQ to complete the topology?
Correct Answer
D. Frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1
frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.2
Explanation
The point-to-point subinterfaces on HQ should be configured with the frame-relay map commands to map the IP addresses of the remote sites to the correct DLCIs on the corresponding serial interfaces. In this case, the IP address 192.168.1.1 should be mapped to DLCI 301 on Serial 0/0/0.1, and the IP address 192.168.2.2 should be mapped to DLCI 302 on Serial 0/0/0.2. This configuration ensures that the correct IP packets are encapsulated and sent over the correct DLCIs to the remote sites.
3.
Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?
Correct Answer
C. HDLC
Explanation
HDLC (High-Level Data Link Control) is the default data link layer encapsulation protocol used for serial connections between two Cisco routers. HDLC provides a simple and efficient way to encapsulate data and control information for transmission over serial links. It is a bit-oriented protocol that ensures reliable and error-free communication between devices. HDLC is widely supported by Cisco routers and is the default encapsulation used unless otherwise specified.
4.
Refer to the exhibit. Company ABC expanded its business and recently opened a new branch office in another country. IPv6 addresses have been used for the company network. The data servers Server1 and Server2 run applications which require end-to-end functionality, with unmodified packets that are forwarded from the source to the destination. The edge routers R1 and R2 support dual stack configuration. What solution should be deployed at the edge of the company network in order to successfully interconnect both offices?
Correct Answer
C. A manually configured IPv6 tunnel between the edge routers R1 and R2
Explanation
In order to successfully interconnect both offices and ensure end-to-end functionality with unmodified packets, a manually configured IPv6 tunnel between the edge routers R1 and R2 should be deployed. This will allow for the transmission of IPv6 packets between the two offices over an IPv4 network. This solution ensures that the packets are not modified and can be successfully forwarded from the source to the destination.
5.
Which variable is permitted or denied by a standard access control list?
Correct Answer
B. Source IP address
Explanation
A standard access control list permits or denies access based on the source IP address. This means that it can be used to control which devices or networks are allowed to send traffic to a particular destination based on their IP address. The source IP address is an important factor in determining the origin of network traffic, and by controlling access based on this variable, network administrators can enforce security policies and restrict access to certain resources.
6.
Refer to the exhibit. The link between the CTRL and BR_1 routers is configured as shown in the exhibit. Why are the routers unable to establish a PPP session?
Correct Answer
B. The usernames are misconfigured
Explanation
The routers are unable to establish a PPP session because the usernames are misconfigured. This means that the usernames entered on both routers do not match, causing authentication failure and preventing the establishment of the PPP session.
7.
Which three statements accurately describe a security policy? (Choose three.)
Correct Answer(s)
A. It creates a basis for legal action if necessary
B. It defines a process for managing security violations
F. It provides step-by-step procedures to harden routers and other network devices.
Explanation
A security policy is a set of rules and guidelines that outline how an organization will protect its assets and information. It serves as a basis for legal action by clearly defining what actions are considered violations and can be used as evidence in court if necessary. It also defines a process for managing security violations, establishing protocols for reporting, investigating, and responding to incidents. Additionally, a security policy provides step-by-step procedures to harden routers and other network devices, ensuring that they are configured securely and protected against potential threats.
8.
A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?
Correct Answer
A. Conduct a performance test and compare with the baseline that was established previously.
Explanation
The best way for the network administrator to determine if the additions and changes improved performance and availability on the company intranet is to conduct a performance test and compare it with the baseline that was established previously. By conducting a performance test, the administrator can measure various metrics such as network speed, response time, and overall performance. By comparing these results with the baseline, the administrator can identify any improvements or issues that may have occurred due to the VLAN configurations changes. This method provides objective and quantitative data to assess the impact of the changes on performance and availability.
9.
Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices?
Correct Answer
B. VPN
Explanation
A VPN (Virtual Private Network) would be the best WAN technology to provide secure connectivity between headquarters and both branch offices. VPNs use encryption and authentication protocols to create a secure and private network connection over the Internet. This allows for secure communication and data transfer between the different locations, ensuring the confidentiality and integrity of the transmitted information.
10.
Which statement about a VPN is true?
Correct Answer
C. VPNs use virtual Layer 3 connections that are routed through the Internet.
Explanation
VPNs use virtual Layer 3 connections that are routed through the Internet. This statement is true because VPNs create a secure connection over a public network, such as the Internet, using virtual Layer 3 connections. These connections allow for the encapsulation and encryption of data packets, ensuring privacy and security while transmitting data over the network. By routing the connections through the Internet, VPNs provide a cost-effective and flexible solution for remote access and secure communication between networks.
11.
A company is deciding which WAN connection type it should implement between its main office and branch offices. The company wants to use a cost-effective service that provides virtual circuits between each office. The company also wants to be able to transmit variable-length packets on these circuits. Which solution best meets these requirements?
Correct Answer
D. Frame Relay
Explanation
Frame Relay is the best solution to meet the company's requirements. Frame Relay is a cost-effective WAN connection type that provides virtual circuits between each office. It allows for the transmission of variable-length packets, making it suitable for transmitting data of different sizes. ATM, HDLC, and ISDN are not as suitable because they may not provide the same cost-effectiveness or support for variable-length packets.
12.
A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why company 1 reports higher download speeds than company 2 reports?
Correct Answer
C. Company 2 is located farther from the service provider than company 1 is.
Explanation
The explanation for why company 1 reports higher download speeds than company 2 reports is that company 2 is located farther from the service provider than company 1 is. The distance between a company's location and the service provider can affect the quality and speed of the DSL connection. The farther the distance, the more likely it is for the signal to weaken and result in slower download speeds. Therefore, company 2, being located farther away, experiences slower download speeds compared to company 1.
13.
Refer to the exhibit. What is placed in the address field in the header of a frame that will travel from the DC router to the Orlando router?
Correct Answer
B. DLCI 321
Explanation
The address field in the header of a frame that will travel from the DC router to the Orlando router is DLCI 321.
14.
Refer to the exhibit. This router is being configured to use SDM, but the SDM interface of the router cannot be accessed. What is the cause of the problem?
Correct Answer
D. The username and password are not configured correctly
Explanation
The cause of the problem is that the username and password are not configured correctly. This means that the router is not able to authenticate the user trying to access the SDM interface, hence preventing access to it.
15.
Which two devices can be used by teleworkers who need to connect to the company network across the PSTN for a few hours a day? (Choose two.)
Correct Answer(s)
B. CSU/DSU
C. DSL modem
Explanation
Teleworkers who need to connect to the company network across the PSTN for a few hours a day can use a CSU/DSU and a DSL modem. A CSU/DSU (Channel Service Unit/Data Service Unit) is a device used to connect a router to a digital circuit, such as a T1 line, while a DSL modem allows for high-speed internet access over a telephone line. Both devices are capable of connecting to the PSTN (Public Switched Telephone Network) and can be used by teleworkers for their connectivity needs.
16.
An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error message when trying to enter the IPv4 routes into RIPng. What is the cause of the problem?
Correct Answer
D. IPv4 is incompatible with RIPng
17.
What is the function of an intrusion detection system on a network?
Correct Answer
B. To detect attacks against a network and send logs to a management console
Explanation
An intrusion detection system (IDS) is designed to detect attacks against a network and send logs to a management console. It does not restrict access to authorized users, prevent attacks, or prevent the spread of viruses or Trojan horse applications. The primary function of an IDS is to monitor network traffic and identify any suspicious or malicious activity that could indicate an intrusion. Once detected, the IDS sends logs or alerts to a management console, allowing administrators to take appropriate action to mitigate the attack and enhance network security.
18.
Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?
Correct Answer
C. Port Fa0/2 on S2 is assigned to the wrong VLAN.
Explanation
The cause of the problem is that Port Fa0/2 on S2 is assigned to the wrong VLAN. This means that PC1 is not in the correct VLAN and therefore cannot communicate with the default gateway.
19.
When Frame Relay encapsulation is used, what feature provides flow control and exchanges information about the status of virtual circuits?
Correct Answer
B. LMI
Explanation
LMI stands for Local Management Interface, which is a feature in Frame Relay that provides flow control and exchanges information about the status of virtual circuits. LMI messages are used between the Frame Relay switch and the customer's router to manage the connection. It helps in monitoring the status of virtual circuits, detecting failures, and providing flow control mechanisms to ensure efficient data transmission. Therefore, LMI is the correct answer to the question.
20.
A system administrator must provide Internet connectivity for ten hosts in a small remote office. The ISP has assigned two public IP addresses to this remote office. How can the system administrator configure the router to provide Internet access to all ten users at the same time?
Correct Answer
D. Configure dynamic NAT with overload
Explanation
The system administrator can configure dynamic NAT with overload to provide Internet access to all ten users at the same time. Dynamic NAT allows the router to map multiple private IP addresses to a single public IP address, which conserves public IP addresses. With overload (also known as Port Address Translation or PAT), the router can use different port numbers to uniquely identify each connection, allowing multiple users to share the same public IP address. This ensures that all ten users can access the Internet simultaneously using the two assigned public IP addresses.
21.
A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages that dedicated leased lines provide compared to a shared Frame Relay solution? (Choose two.)
Correct Answer(s)
A. Reduced jitter
C. Reduced latency
Explanation
Dedicated leased lines provide reduced jitter and reduced latency compared to a shared Frame Relay solution. This is because dedicated leased lines offer a dedicated connection between the headquarters site and the remote sites, ensuring a consistent and stable network performance. In contrast, a shared Frame Relay solution may experience variable delays and fluctuations in network performance due to the shared nature of the connection. Therefore, dedicated leased lines are preferred when low latency and minimal jitter are crucial for the company's network requirements.
22.
What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5 to the configuration of a local router that has been configured as a DHCP server?
Correct Answer
C. The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.
Explanation
The command "ip dhcp excluded-address" is used to exclude certain IP addresses from being assigned by the DHCP server. In this case, the command "ip dhcp excluded-address 192.168.24.1 192.168.24.5" is added to the configuration of the local router. This means that the DHCP server will not assign the IP addresses ranging from 192.168.24.1 to 192.168.24.5 to any clients.
23.
Refer to the exhibit. A host connected to Fa0/0 is unable to acquire an IP address from the DHCP server. The output of the debug ip dhcp server command shows “DHCPD: there is no address pool for 192.168.3.17″. What is the problem?
Correct Answer
B. The pool of addresses for the 192Network pool is configured incorrectly
Explanation
The problem is that the pool of addresses for the 192Network pool is configured incorrectly. This means that the DHCP server does not have a valid range of IP addresses to assign to clients. As a result, when the host connected to Fa0/0 requests an IP address, the DHCP server cannot provide one because the address pool is misconfigured.
24.
Refer to the exhibit. From the output of the show interfaces and ping commands, at which layer of the OSI model is a fault indicated?
Correct Answer
C. Network
Explanation
Based on the output of the show interfaces and ping commands, a fault is indicated at the network layer of the OSI model. This can be inferred from the fact that the ping command is able to reach the destination IP address successfully, indicating that the transport and network layers are functioning properly. However, the show interfaces command shows that there is a high number of input errors on the interface, suggesting a problem at the network layer.
25.
What three questions can be answered using data gathered from a baseline on a new network? (Choose three.)
Correct Answer(s)
C. What parts of the network have the highest volume?
E. How does the network perform during peak periods?
F. Are there any devices working at top capacity?
Explanation
Data gathered from a baseline on a new network can answer the question of what parts of the network have the highest volume. This data can also provide insights into how the network performs during peak periods, allowing for optimization and improvements. Additionally, it can identify any devices that are working at top capacity, indicating potential bottlenecks or areas that require attention.
26.
Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination?
Correct Answer
B. Reflexive
Explanation
A reflexive ACL is the correct answer because it allows inbound traffic into a private network only if an outbound session has already been established between the source and destination. This type of ACL is also known as a stateful firewall because it keeps track of the state of connections and only permits traffic that is part of an established session. By doing so, it helps to enhance the security of the network by preventing unauthorized access.
27.
Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to Web Server. What is the destination IP address of the return packet from Web Server when received at R1?
Correct Answer
D. 172.30.20.1:3333
Explanation
When R1 performs NAT overload for the 10.1.1.0/24 inside network, it replaces the source IP address and port number of outgoing packets with its own IP address and a unique port number. Therefore, when the Web Server sends a return packet to Host A, the destination IP address will be 172.30.20.1 (R1's IP address) and the destination port number will be 3333 (the unique port number assigned by R1).
28.
An administrator issues the command show interfaces s0/1/0 on a router that is configured for Frame Relay. Which console output may indicate an LMI mismatch?
Correct Answer(s)
C. Serial0/1/0 is up, line protocol is down
D. Serial0/1/0 is down, line protocol is down
Explanation
The console output "Serial0/1/0 is up, line protocol is down" and "Serial0/1/0 is down, line protocol is down" may indicate an LMI mismatch. This is because in Frame Relay, the LMI (Local Management Interface) is responsible for exchanging information between the router and the Frame Relay switch. If there is a mismatch in the LMI type or configuration between the router and the switch, the line protocol will be down even though the physical interface is up. Therefore, the presence of "line protocol is down" in the console output suggests an LMI mismatch.
29.
A recently patched application server is experiencing response time problems. The network on which the application server is located has been experiencing occasional outages that the network team believes may be related to recent routing changes. Network and application teams have been notified to work on their respective issues. Which statement applies to this situation?
Correct Answer
C. It will be difficult to isolate the problem if two teams are implementing changes independently.
Explanation
It will be difficult to isolate the problem if two teams are implementing changes independently because both the network and application teams are making changes without coordinating with each other. This lack of coordination can make it challenging to identify the root cause of the response time problems, as the changes made by one team may affect the performance of the other team's components. By working independently, the teams may inadvertently introduce conflicts or dependencies that make it harder to troubleshoot and resolve the issue effectively.
30.
Refer to the exhibit. Branch A has a non-Cisco router that is using IETF encapsulation and Branch B has a Cisco router. After the commands that are shown are entered, R1 and R2 fail to establish the PVC. The R2 LMI is Cisco, and the R1 LMI is ANSI. The LMI is successfully established at both locations. Why is the PVC failing?
Correct Answer
D. The IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command.
Explanation
The PVC is failing because the IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command. This parameter is necessary for the non-Cisco router at Branch A to understand the encapsulation used by the Cisco router at Branch B. Without the IETF parameter, the routers are unable to establish the PVC successfully.
31.
Refer to the exhibit. Which VLAN will carry untagged traffic on FastEthernet 0/1?
Correct Answer
B. VLAN 2
Explanation
The untagged traffic on FastEthernet 0/1 will be carried by VLAN 2.
32.
What is an accurate description of CHAP when used with PPP on a serial connection between two routers?
Correct Answer
C. A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations.
Explanation
CHAP (Challenge Handshake Authentication Protocol) is a protocol used in PPP (Point-to-Point Protocol) to authenticate the identity of the peer router. In this process, a challenge message is sent from the initiating router to the peer router. The peer router responds with its username and a calculated value based on a shared secret. The initiating router then compares this calculated value with its own calculations to verify the authenticity of the peer router. This method ensures secure authentication by using a shared secret and verifying the response from the peer router.
33.
Where does a service provider assume responsibility from a customer for a WAN connection?
Correct Answer
C. Demarcation point
Explanation
The correct answer is demarcation point. The demarcation point is the physical point at which the responsibility for a WAN connection shifts from the customer to the service provider. It is typically located at the customer's premises and marks the boundary between the customer's network and the service provider's network. At this point, any issues or maintenance related to the WAN connection become the responsibility of the service provider.
34.
Refer to the exhibit. An ACL called Managers already exists on this router. What happens if the network administrator issues the commands as shown in the exhibit?
Correct Answer
A. The commands are added to the end of the existing ACL.
Explanation
The given answer states that the commands will be added to the end of the existing ACL. This means that the new commands will be appended to the existing Managers ACL without overwriting or creating a duplicate ACL.
35.
Which statement is true about PAP in the authentication of a PPP session?
Correct Answer
A. PAP uses a two-way handshake.
Explanation
PAP (Password Authentication Protocol) is a simple authentication method used in PPP (Point-to-Point Protocol) sessions. It involves a two-way handshake process where the client sends its username and password to the server, and the server responds with an acknowledgment. This process verifies the client's identity based on the provided credentials. PAP does not use unique and random passwords, conduct periodic challenges, or use MD5 hashing to secure the password.
36.
Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router?
Correct Answer
B. PPP with CHAP
Explanation
PPP with CHAP should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router. PPP (Point-to-Point Protocol) provides a secure and reliable connection between two devices, and CHAP (Challenge Handshake Authentication Protocol) is a secure authentication method that uses a three-way handshake process to authenticate the devices without sending passwords in plain text. This combination ensures that the authentication information is encrypted and protected during transmission, making it an ideal choice for establishing a secure link between Cisco and non-Cisco routers.
37.
Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?
Correct Answer
C. CIR
Explanation
CIR stands for Committed Information Rate, which is the capacity through the local loop guaranteed to a customer by the service provider. This means that the service provider ensures a minimum amount of bandwidth or data transfer rate that the customer will always receive, regardless of network congestion or other factors.
38.
Which wireless solution can provide mobile users with non line-of-sight broadband Internet access at speeds comparable to DSL or cable?
Correct Answer
B. WiMAX
Explanation
WiMAX is the correct answer because it is a wireless solution that can provide mobile users with non line-of-sight broadband Internet access at speeds comparable to DSL or cable. WiMAX stands for Worldwide Interoperability for Microwave Access and it uses radio waves to transmit data over long distances. It is capable of delivering high-speed internet access to users in areas where traditional wired connections are not available or feasible. WiMAX technology offers fast and reliable connectivity, making it a suitable option for mobile users who require broadband internet access on the go.
39.
Refer to the exhibit. EIGRP has been configured as a routing protocol on the network. Users on the 192.168.1.0/24 network should have full access to the web server that is connected to 192.168.3.0/24 but should not be allowed to telnet to router R3. Verifying the configuration, the network administrator realizes that users on network 192.168.1.0/24 can successfully telnet to the router. What should be done to remedy the problem?
Correct Answer
A. The ACL 101 statements 10 and 20 should be reversed.
Explanation
The ACL 101 statements 10 and 20 should be reversed. This means that the current statement 10, which allows all traffic from the 192.168.1.0/24 network, should be changed to statement 20, and the current statement 20, which denies telnet traffic to router R3, should be changed to statement 10. By reversing these statements, the ACL will correctly allow access to the web server on the 192.168.3.0/24 network while denying telnet access to router R3 from the 192.168.1.0/24 network.
40.
What does an access control list determine when used with NAT on a Cisco router?
Correct Answer
A. Addresses that are to be translated
Explanation
An access control list (ACL) determines the addresses that are to be translated when used with NAT on a Cisco router. This means that the ACL specifies which IP addresses will undergo the process of address translation, allowing them to be converted from private IP addresses to public IP addresses or vice versa. The ACL helps control and manage the translation process, ensuring that only specific addresses are affected by NAT.
41.
Which IP address and wildcard mask combination can be used in an ACL statement to match the 172.16.0.0/30 network?
Correct Answer
B. 172.16.0.0 0.0.0.3
Explanation
The correct answer is 172.16.0.0 0.0.0.3. This is because a wildcard mask of 0.0.0.3 will match the last two bits of the IP address, allowing for a network range of 172.16.0.0 to 172.16.0.3. Since the given network is 172.16.0.0/30, which has a subnet mask of 255.255.255.252, the corresponding wildcard mask is 0.0.0.3.
42.
Which security solution has the responsibility of monitoring suspicious processes that are running on a host and that might indicate infection of Trojan horse applications?
Correct Answer
A. Antivirus application
Explanation
An antivirus application is responsible for monitoring suspicious processes running on a host and identifying potential Trojan horse infections. It scans files and processes for known malware signatures, behavior patterns, and anomalies to detect and remove any malicious software. By regularly scanning the system and monitoring for suspicious activities, the antivirus application helps to protect the host from Trojan horse infections and other types of malware.
43.
Refer to the exhibit. A network administrator is trying to connect R1 remotely to make configuration changes. Based on the exhibited command output, what will be the result when attempting to connect to R1?
Correct Answer
C. A successful connection and ability to make configuration changes
Explanation
Based on the exhibited command output, the Telnet line vty 0 4 command is present, which indicates that Telnet is enabled on the device. Therefore, the network administrator will be able to connect to R1 remotely and make configuration changes.
44.
Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2?
Correct Answer
B. The VTP domain names do not match.
Explanation
The VTP domain names do not match. VTP (VLAN Trunking Protocol) allows for the synchronization of VLAN information across switches in a domain. In this case, S1 and S2 are in different VTP domains, which means that any VLANs created on one switch will not be propagated to the other switch. Therefore, VLAN 11, which was created on S1, is missing from S2.
45.
A technician has been asked to run the Cisco SDM one-step lockdown on a customer router. What will be the result of this process?
Correct Answer
D. The router is tested for any potential security problems and all recommended security-related configuration changes will be automatically applied.
Explanation
The Cisco SDM one-step lockdown process involves testing the router for potential security problems and automatically applying recommended security-related configuration changes. This helps to enhance the overall security of the router by addressing any vulnerabilities and implementing necessary security measures.
46.
Refer to the exhibit. Which data transmission technology is being represented?
Correct Answer
A. TDM
47.
A network administrator is instructing a technician on best practices for applying ACLs. Which two suggestions should the administrator provide? (Choose two.)
Correct Answer(s)
B. Standard ACLs should be applied inside the core layer.
E. Extended ACLs should be applied closest to the source that is specified by the ACL.
Explanation
Standard ACLs should be applied inside the core layer because they are less resource-intensive and can be applied closer to the destination to filter traffic more effectively. Extended ACLs should be applied closest to the source specified by the ACL because they provide more granular control over traffic and can filter based on source and destination IP addresses, protocols, and port numbers.
48.
Refer to the exhibit. Which configuration command would result in the output in the exhibit?
Correct Answer
F. Ip nat inside source static 192.168.0.10 172.16.76.3
49.
What are three important reasons to establish a network baseline? (Choose three.)
Correct Answer(s)
B. To determine which areas in the network are underutilized or overutilized
C. To determine the performance of the network during the normal hours of operation
D. To determine what thresholds should be set for the devices that need to be monitored
Explanation
Establishing a network baseline is important for several reasons. Firstly, it helps determine which areas in the network are underutilized or overutilized, allowing for better resource allocation and optimization. Secondly, it allows for the evaluation of network performance during normal hours of operation, identifying any bottlenecks or issues that may affect user experience. Lastly, establishing a baseline helps determine the appropriate thresholds that should be set for devices that need to be monitored, ensuring efficient monitoring and management of the network.
50.
Which two statements are true about creating and applying access lists? (Choose two.)
Correct Answer(s)
A. There is an implicit deny at the end of all access lists.
B. One access list per port, per protocol, per direction is permitted.
Explanation
The first statement is true because there is always an implicit deny at the end of all access lists. This means that if a packet does not match any of the conditions in the access list, it will be denied by default.
The second statement is also true because only one access list per port, per protocol, per direction is permitted. This means that you cannot have multiple access lists for the same port, protocol, and direction.
These two statements are true in the context of creating and applying access lists.